Data API Authentication
SingleStore's Data API uses Basic and Bearer Authentication standards.
jwks_ in the engine.
To enable JWT-based authentication on SingleStoreDB Cloud,
Configure the JWKS endpoint.
jwks_variable on the database server.
Make a HTTP request to the
/api/v2/jwks_endpoint using the
A user agent can authenticate with the server by sending its credentials in an Authorization request header.
Authorization: [Basic | Bearer] <Base-64 encoded username:password|JWT>
For example, the Basic Authorization header for the username
demo and password
Afu4XjzB1ns would appear as follows, where
ZGVtbzpBZnU0WGp6QjFucw== is the Base-64 encoding of the
Authorization: Basic ZGVtbzpBZnU0WGp6QjFucw==
If the server requires the user agent to authenticate itself after receiving an unauthenticated request, it will respond with a 401 Unauthorized status and the WWW-Authenticate header.
When using a third-party SQL client or development tool, you must first add a database user to log into a SingleStoreDB Cloud database.
As the Basic and Bearer Authentication methods transfer the username and password (or JWTs) over the network in clear text, it must be used in conjunction with HTTPS/SSL for added security.
Last modified: May 5, 2023